W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > October to December 1999

RE: Null Canonicalization Algorithm

From: <david.solo@citicorp.com>
Date: Wed, 20 Oct 1999 08:24:55 -0400
Message-Id: <H0000cc4048457a6@MHS>
TO: jimsch@EXCHANGE.MICROSOFT.com, w3c-ietf-xmldsig@w3.org
At least at the moment, we still have two c14n algorithms, one for signedInfo 
and one for objects.  I agree with your statement as it applies to objects; but 
I'm not sure about it for SignedInfo.   In SignedInfo, the c14n alg is 
mandatory, so you'd need a NULL alg ID if you wanted to sign the data as 
transmitted.   I'd suggest leaving the alg ID there until we resolve the 
question about fixing the SignedInfo c14n alg.

Dave

> -----Original Message-----
> From: jimsch [mailto:jimsch@EXCHANGE.MICROSOFT.com]
> Sent: Tuesday, October 19, 1999 6:22 PM
> To: w3c-ietf-xmldsig
> Cc: jimsch
> Subject: Null Canonicalization Algorithm
> 
> 
> Given the text in section 4.3.3 about transformations only be 
> applied if
> they are listed, and the text in section 1.3.3 "If no Transformations
> element is present, the data pointed at by Location is 
> digested directly".
> I believe that we can remove the NULL canonicalization 
> algorithm from the
> document.  The algorithm basically states that you do no 
> changes on the
> input before hashing it.  This is the same thing as the text 
> in section
> 1.3.3 says.
> Note:  It might be wise to copy this comment to section 4.3.3 
> as well for
> people to easily see it during implemenation.
> Recommend:  Remove NULL Canonicalization algorithm from the 
> document in all
> locations.
> jim schaad
> 


Received on Wednesday, 20 October 1999 08:25:54 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:08 GMT